US11138343B2 - Multiple signatures in metadata for the same data record - Google Patents

Multiple signatures in metadata for the same data record Download PDF

Info

Publication number
US11138343B2
US11138343B2 US16/251,243 US201916251243A US11138343B2 US 11138343 B2 US11138343 B2 US 11138343B2 US 201916251243 A US201916251243 A US 201916251243A US 11138343 B2 US11138343 B2 US 11138343B2
Authority
US
United States
Prior art keywords
digital signature
metadata record
data records
additional
digital signatures
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US16/251,243
Other versions
US20200233978A1 (en
Inventor
Anthony Thomas Sofia
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Priority to US16/251,243 priority Critical patent/US11138343B2/en
Assigned to INTERNATIONAL BUSINESS MACHINES CORPORATION reassignment INTERNATIONAL BUSINESS MACHINES CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SOFIA, ANTHONY THOMAS
Publication of US20200233978A1 publication Critical patent/US20200233978A1/en
Application granted granted Critical
Publication of US11138343B2 publication Critical patent/US11138343B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/235Update request formulation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/2358Change logging, detection, and notification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2457Query processing with adaptation to user needs
    • G06F16/24573Query processing with adaptation to user needs using data annotations, e.g. user-defined metadata
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/68Special signature format, e.g. XML format

Definitions

  • the present invention relates to computer systems, and more particularly, to computer systems, computer-implemented methods, and computer program products configured to support multiple signatures in metadata for the same data record.
  • an event logger may capture an event record corresponding to an event, such as a system event associated with an operation of the server. Enterprises may audit such logged event records as part of regulatory compliance. For compliance, the audit may have to verify that contents of the event record have remained unmodified or that any changes have been tracked. Use of a digital signature associated with contents of a data record for tamper verification or other security uses can become less secure over time.
  • a computer-implemented method includes accessing, by a processing system, one or more data records and a metadata record.
  • the metadata record includes a first digital signature associated with the one or more data records.
  • One or more additional digital signatures associated with the one or more data records are generated, where the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records.
  • the one or more additional digital signatures are stored in the metadata record.
  • FIG. 1 is a block diagram illustrating a computer system in accordance with various embodiments of the invention.
  • FIG. 2 is a block diagram illustrating a record log with a tamper detection record according to a non-limiting embodiment of the invention
  • FIG. 3 is a block diagram illustrating an example of digital signature updates according to a non-limiting embodiment of the invention.
  • FIG. 4 is a flow diagram illustrating a method according to a non-limiting embodiment of the invention.
  • FIG. 5 is a flow diagram illustrating a method according to a non-limiting embodiment of the invention.
  • compositions comprising, “comprising,” “includes,” “including,” “has,” “having,” “contains” or “containing,” or any other variation thereof, are intended to cover a non-exclusive inclusion.
  • a composition, a mixture, process, method, article, or apparatus that comprises a list of elements is not necessarily limited to only those elements but can include other elements not expressly listed or inherent to such composition, mixture, process, method, article, or apparatus.
  • exemplary is used herein to mean “serving as an example, instance or illustration.” Any embodiment or design described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments or designs.
  • the terms “at least one” and “one or more” can include any integer number greater than or equal to one, i.e. one, two, three, four, etc.
  • the terms “a plurality” can include any integer number greater than or equal to two, i.e. two, three, four, five, etc.
  • connection can include both an indirect “connection” and a direct “connection.”
  • a digital signature can be used to sign a data record to later verify the authenticity of the data record and/or any tampering with the contents of the data record.
  • the digital signature can be stored in a metadata record that is associated with the data record.
  • the metadata record can be a self-described entity. Over time, digital signature generation algorithms may become less secure for a given public/private key pair. Security issues may arise, for example, as computers become faster, and the computation of signatures to break a key and gain unauthorized access to private key material can become feasible.
  • a metadata record storage structure may not be sized to support updated digital signatures of an expanded size that would reduce the risk of successful unauthorized access to or modification of the contents of a signed data record.
  • one or more embodiments of the invention address the above-described shortcomings of the prior art by using multiple digital signatures in a metadata record that already exists and has been generated on behalf of existing data records.
  • data can be hashed, and the subsequent hash can have a cryptographic operation performed on it (e.g., with a private key or a public key depending if the data is being signed or verified).
  • the metadata records can be resized as part of the verification process in order to support holding one or more additional signatures, such as a second (or third, etc.) signature.
  • the old signature(s) can be removed to make room for the new signature.
  • Embodiments can perform an existing verification function on a data set of records.
  • hashing of the records can be performed as the input into a public key cryptographic operation. The result can be compared with a signature that is currently stored in the metadata record. When the hash is computed, it can be signed with a new signature algorithm. If the hashing method does not change, the same hash used for validation can be re-used; otherwise, a second hash can be calculated for the data to build a new signature. Multiple signatures can apply to a single source record.
  • the signatures can vary based on applying at least one different digital signature generation aspect between signature generation, such as a difference between one or more of: a hash function, an encryption algorithm, and/or a key used in generating a first digital signature and one or more additional digital signatures.
  • the signature used during validation can be selected. Either the original or secondary signature(s) can be used individually or a combination of signatures can be validated. The data can be considered valid upon signature validation.
  • a user may configure an older signature to no longer be validated while validation continues using a newer signature.
  • Embodiments of the invention can provide an ability to strip one or more older signatures out of the metadata record during a validation process. Removal or replacement of older signatures can be useful where data could otherwise be leaked by leaving vulnerable signatures in the records. Technical effects and benefits can include enhancing the security of existing data while enabling the data to remain in place.
  • FIG. 1 illustrates an example system 100 .
  • the system 100 may be a computer system, such as a server computer or the like.
  • the system 100 may include, among other components, a processing system 110 , a memory system 120 , a user interface 150 , and a communication interface 170 for network interfacing.
  • the processing system 110 may include one or more processors of the system 100 responsible for the execution of an operating system 122 , control instructions, and applications 125 installed on the system 100 .
  • the processing system 110 may be one or more devices operable to execute logic.
  • the logic may include computer executable instructions or computer code embodied in the memory system 120 or in other memory that when executed by the processing system 110 , cause the processing system 110 to perform the features implemented by the logic.
  • the computer code may include instructions executable with the processing system 110 .
  • the computer code may include embedded logic.
  • the computer code may be written in any computer language now known or later discovered, such as C++, C #, Java, Pascal, Visual Basic, Perl, HyperText Markup Language (HTML), JavaScript, assembly language, shell script, or any combination thereof.
  • the computer code may include source code and/or compiled code.
  • the processing system 110 may include one or more of a general processor, central processing unit, server, application specific integrated circuit (ASIC), digital signal processor, field programmable gate array (FPGA), digital circuit, analog circuit, or combinations thereof.
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • the processing system 110 can be in communication with the memory system 120 and other components of the system 100 .
  • the processing system 110 can also be in communication with additional elements, such as the user interface 150 and the communication interface 170 .
  • the memory system 120 can be a non-transitory computer storage medium.
  • the memory system 120 can include DRAM, SRAM, Flash or any other type of memory or a combination thereof.
  • the memory system 120 may store one or more operating system 122 and applications 125 that are executable by the processing system 110 .
  • the operating system 122 and the applications 125 may be stored on the memory system 120 by the manufacturer, provider, or end-user of the system 100 .
  • the memory system 120 may contain other data such as images, videos, documents, spreadsheets, audio files, and other data that may be associated with operation of the system 100 .
  • the memory system 120 can be used to store an event record log 127 .
  • the user interface 150 may include a display, a speaker, a keyboard, a mouse, or any other component that facilitates user interaction.
  • the display may be touch screen enabled.
  • the user interface 150 may, alternatively, or in addition, a microphone or any other component that may facilitate user interaction.
  • the user interface 150 can include circuitry, such as processor, memory, communication interfaces, integrated circuits, antennas, resistors, capacitors, and any other hardware components.
  • the user interface 150 may also involve software.
  • the user interface 150 may include instructions and/or data that may be stored on the memory.
  • the instructions and/or data may control operations of the user interface 150 .
  • the instructions may be computer executable.
  • the data may include parameters and/or preset conditions associated with the user interface 150 .
  • the event record log 127 can include one or more event records 130 a - 130 x .
  • An event record 130 can include a data record describing an operation of the system 100 , for instance.
  • the operating system 122 using the processing system 110 , can record the event records 130 a - 130 x in response to an operation being initiated and/or completed.
  • the event may be a startup event of the system 100 , a file creation event, a file copy event, a user login event, or any other event that the operating system 122 may detect.
  • the operating system 122 can be configured to detect a predetermined type of events.
  • the operating system 122 may be configured to detect ‘file’ type events such as a file creation event, a file copy event, a file move event, a file deletion event, a file modification event, or any other file event.
  • ‘file’ type events such as a file creation event, a file copy event, a file move event, a file deletion event, a file modification event, or any other file event.
  • ‘user’ type events such as a user login event, a user logout event, a user profile change event and other user events.
  • Other event types are possible and above are just a few examples.
  • the event records 130 a - 130 x can be stored using a predetermined format.
  • an event record may include a header and a payload.
  • the payload can include a description of a corresponding event.
  • the payload can include a file identification, a file location, an indication of the operation performed, and other information describing the event.
  • the header can include metadata that describes the payload, such as a length of the payload, a timestamp, or the like.
  • the event records 130 a - 130 x can be stored in one or more files. Alternatively, the event records 130 a - 130 x may be entries within a file or a stream, such as a log stream.
  • the event record log 127 can be used to validate the operation of the system 100 .
  • the operating system 122 may include System Management Facilities (SMF).
  • SMF Enterprises can use the event record log 127 to show regulatory compliance.
  • the system 100 may have to perform operations in a predetermined manner.
  • the SMF can facilitate querying the event record log 127 , such as via an Application Programming Interface (API), to ensure that the system 100 was complaint with the predetermined manner of operations.
  • API Application Programming Interface
  • the SMF or a system auditor can operate according to the predetermined format of the event records 130 a - 130 x . Hence, modifying the predetermined format may cause the system auditor and the SMF to cease from current operations.
  • FIG. 2 illustrates an example of the event record log 127 including a tamper detection record 200 and is described with continued reference to FIG. 1 .
  • the processing system 110 may generate the event record 130 a .
  • the operating system 122 may additionally generate metadata that includes tamper detection information for the event record 130 a .
  • the operating system 122 may record or format the tamper detection information as a separate event record 130 x , also referred to as the tamper detection record 200 .
  • the operating system 122 may subsequently record the tamper detection record 200 in the event record log 127 .
  • the processing system 110 may insert a separate record in the event record log 127 that contains the tamper detection information of the event record 130 a .
  • the tamper detection record 200 may use the same predetermined format of the event records 130 a , 130 b.
  • the tamper detection record 200 includes a header 210 and a payload 220 .
  • the payload 220 can include a digital signature 225 for the corresponding event record 130 a .
  • the digital signature 225 can demonstrate the authenticity of the corresponding event record 130 a .
  • the digital signature 225 can be encrypted, such as using asymmetric cryptography or any other type of encryption techniques.
  • the digital signature 225 may be based on contents of the event record 130 a , a private key, a public key, a timestamp, or other information of the event associated with the event record 130 a .
  • the contents of the event record 130 a may be hashed, such as using a hashing scheme prior to encryption.
  • the operating system 122 may decrypt the digital signature 225 in the payload 220 and compare it with the contents of the event record 130 a .
  • the header 210 may include metadata of the payload 220 .
  • the header 210 may include a length of the payload 220 or a timestamp.
  • the header 210 may include an identifier that indicates that the payload 220 contains tamper detection information rather than a description of an event as is the case with a typical event record.
  • the operating system 122 may associate the tamper detection record 200 with a single event record, such as the event record 130 a .
  • the header 210 may include a spatial reference of the event record 130 a .
  • the spatial reference may be a memory location of the event record 130 a .
  • the spatial reference may be a spatial relation between the tamper detection record 200 and the corresponding event record 130 a .
  • the spatial relation can be a predetermined relation based on the memory locations of the records.
  • the spatial reference of the first event record 130 a can be implicitly identified based on the predetermined relation and the memory location of the second event record 130 b , thus, avoiding explicitly saving a spatial reference in the tamper detection record 200 .
  • the spatial reference can be either explicitly stored, or the spatial reference can be implicit. If the spatial reference is explicit, the location of the first event record 130 a can be stored in the tamper detection record 200 . The location may be a location of the first event record 130 a in memory or in a file. When the spatial reference is implicit, the spatial reference can be with relation to the data in memory or a file.
  • the system 100 may use a predetermined spatial relation between the first event record 130 a and the tamper detection record 200 . For example, according to the predetermined spatial relation, the first event record 130 a may precede the tamper detection record 200 with no other records in between.
  • the predetermined spatial relation permits other event records of the same type as the first event record 130 a in between the first event record 130 a and the tamper detection record 200 .
  • the other event records cannot be included in the tamper-resistant data, which is the payload 220 , of the tamper detection record 200 .
  • the operating system 122 may associate the tamper detection record 200 with more than one event record in the event record log 127 , such as with the event records 130 a and 130 b .
  • the header 210 may include spatial references to each event record that is associated with the tamper detection record 200 . Additionally, the header 210 may include a number of event records that the tamper detection record 200 is associated with and the length of each respective digital signature 225 included in the payload 220 .
  • the operating system 122 may associate the tamper detection record 200 with a predetermined number of successive event records in the event record log 127 .
  • the tamper detection record 200 may be associated with five successive event records, or ten successive event records, or any other predetermined number of event records.
  • the number of event records associated with the tamper detection record 200 may be dynamically determined based on a number of event records stored in a predetermined memory range that the tamper detection record 200 is associated with.
  • the spatial reference in the header 210 may identify the memory range that is associated with the tamper detection record 200 .
  • the operating system 122 may associate the tamper detection record 200 with events of a selected type, such as file type events, user type events, or any other type of events. For example, consider that the tamper detection record 200 is associated with file type events. If the operating system 122 generates the event record 130 a in response to a file type event, the operating system 122 may associate the event record 130 a with the tamper detection record 200 .
  • the header 210 of the tamper detection record 200 in such a case, may indicate an identifier of the type of event records that are associated with the tamper detection record 200 . In the above example, the header 210 may include an identifier of the file type event.
  • the operating system 122 may associate each file type event record with the tamper detection record 200 .
  • the operating system 122 may associate the tamper detection record 200 with a set of consecutive event records of the same type.
  • the memory locations of the event records in the set of consecutive event records may precede the tamper detection record 200 or vice versa.
  • the operating system 122 may generate and associate the tamper detection record 200 with the event records generated corresponding to the events.
  • the operating system 122 may generate a first event record 130 a and a second event record 130 b that are of the same type.
  • the operating system 122 may generate the tamper detection record 200 that is associated with the first event record 130 a and the second event record 130 b .
  • the tamper detection record 200 may be associated with more than two event records of the same type.
  • the event record log 127 may be created and stored, for example, in memory system 120 .
  • the digital signature 225 should be enhanced through one or more new/updated digital signature generation algorithms.
  • Security enhancements may be achieved by creating one or more additional digital signatures to supplement or replace instances of the digital signature 225 . Further details are provided with respect to FIGS. 3-5 .
  • FIG. 3 depicts a block diagram 300 illustrating options for incorporating a second digital signature into a metadata record that includes a first digital signature.
  • a metadata record 302 can include a first digital signature 304 A associated with contents of one or more data records 306 .
  • the metadata record 302 can be an instance of the tamper detection record 200 of FIG. 2 stored in the memory system 120 of FIG. 1
  • the one or more data records 306 can be instances of one or more of the event records 130 a - 130 x of FIG. 1 stored in the memory system 120 .
  • a utility application 308 can execute on computer resources, such as one of the applications 125 executing on the processing system 110 of FIG. 1 .
  • the utility application 308 can include a first signature generator verifier 310 A and a second signature generator verifier 310 B.
  • the first signature generator verifier 310 A can include algorithms used to create and verify the first digital signature 304 A, which can also be used to create and verify the digital signature 225 of FIG. 2 .
  • the second signature generator verifier 310 B can include algorithms used to create and verify one or more additional digital signatures 304 B, where different signature generation and verification algorithms (e.g., different hash functions, encryption algorithms, and/or keys) are used by the second signature generator verifier 310 B with respect to the first signature generator verifier 310 A.
  • Additional signature generator verifiers (not depicted) can be incorporated in or accessed by the utility application 308 to support additional digital signature variations (e.g., three or more digital signature variations).
  • the one or more additional digital signatures 304 B can be larger in size than the first digital signature 304 A and may include one or more security enhancements with respect to the first digital signature 304 A.
  • the utility application 308 can use the second signature generator verifier 310 B to create the one or more additional digital signatures 304 B based on the one or more data records 306 and store the one or more additional digital signatures 304 B in the metadata record 302 as metadata record 302 A.
  • the metadata record 302 A can store both the first digital signature 304 A and the one or more additional digital signatures 304 B associated with the same instances of the one or more data records 306 .
  • the utility application 308 can use the second signature generator verifier 310 B to create the one or more additional digital signatures 304 B based on the one or more data records 306 and store the one or more additional digital signatures 304 B in the metadata record 302 as metadata record 302 B.
  • the metadata record 302 B is an example of a digital signature replacement, where the first digital signature 304 A is removed and the one or more additional digital signatures 304 B are added to the metadata record 302 B.
  • Another variation can include where the utility application 308 uses the second signature generator verifier 310 B to create the one or more additional digital signatures 304 B based on the one or more data records 306 but does not store the one or more additional digital signatures 304 B in the metadata record 302 , for instance, due to size constraints of the metadata record 302 .
  • the utility application 308 can create an update-needed tag 312 in the metadata record 302 as metadata record 302 C.
  • the update-needed tag 312 can be used as an indicator that the one or more additional digital signatures 304 B should be added when expansion of the metadata record 302 C is available, such as on a copy operation or movement between locations (e.g., within the memory system 120 ).
  • the utility application 308 can replace the update-needed tag 312 with the one or more additional digital signatures 304 B in metadata record 302 D which has a greater storage capacity than metadata record 302 C.
  • the metadata record 302 C can retain the first digital signature 304 A for performing verification or authentication of the one or more data records 306 .
  • the metadata record 302 D may retain the first digital signature 304 A, or the first digital signature 304 A can be removed when the one or more additional digital signatures 304 B are stored in the metadata record 302 D. It will be understood that other variations are contemplated. For example, there can be separate instances of the signature verifier 310 B for each of the one or more additional digital signatures 304 B.
  • FIG. 4 a flow diagram of a process 400 is generally shown in accordance with an embodiment.
  • the process 400 is described with reference to FIGS. 1-4 and may include additional steps beyond those depicted in FIG. 4 .
  • the process 400 can be performed by the processing system 110 of FIG. 1 .
  • the processing system 110 can access one or more data records 306 and a metadata record 302 , where the metadata record 302 includes a first digital signature 304 A associated with the one or more data records 306 .
  • the processing system 110 can generate one or more additional digital signatures 304 B associated with the one or more data records 306 , where the first digital signature 304 A and the one or more additional digital signatures 304 B are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records 306 .
  • the at least one different digital signature generation aspect can include, for example, a difference between one or more of: a hash function, an encryption algorithm, and a key used in generating the first digital signature 304 A and the one or more additional digital signatures 304 B.
  • the processing system 110 can store the one or more additional digital signatures 304 B in the metadata record 302 , such as depicted in the examples of metadata records 302 A- 302 D of FIG. 3 .
  • storing of the one or more additional digital signatures 304 B is in performed in addition to the first digital signature 304 A.
  • the first digital signature 304 A can be overwritten with the one or more additional digital signatures 304 B in the metadata record 302 B.
  • the processing system 110 can add an update-needed tag 312 to the metadata record 302 based on determining that the metadata record 302 includes an insufficient capacity to store the one or more additional digital signatures 304 B in the metadata record 302 .
  • a storage capacity of the metadata record 302 can be expanded upon copying the metadata record 302 from a first storage location to a second storage location (e.g., metadata record 302 C copied as metadata record 302 D).
  • the update-needed tag 312 can be replaced with the one or more additional digital signatures 304 B after expanding the storage capacity of the metadata record 302 .
  • Other variations are contemplated in storing of the one or more additional digital signatures 304 B.
  • the one or more additional digital signatures 304 B can be stored in the metadata record 302 after performing a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on the first digital signature 304 A.
  • FIG. 5 a flow diagram of a process 500 is generally shown in accordance with an embodiment.
  • the process 500 is described with reference to FIGS. 1-5 and may include additional steps beyond those depicted in FIG. 5 .
  • the process 500 can be performed, for example, by the processing system 110 of FIG. 1 .
  • the processing system 110 can read the first digital signature 304 A and the one or more additional digital signatures 304 B from the metadata record 302 .
  • the processing system 110 can perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on at least one of the first digital signature 304 A and the one or more additional digital signatures 304 B. Validation can be performed using, for example, either or both of the first signature generator verifier 310 A and the second signature generator verifier 310 B.
  • the first signature generator verifier 310 A and the second signature generator verifier 310 B can use public and private key pairs associated with the first digital signature 304 A and the one or more additional digital signatures 304 B and apply known validation algorithms respectively.
  • the processing system 110 can determine whether the validation passed, for instance, through results of the first signature generator verifier 310 A and/or the second signature generator verifier 310 B.
  • the processing system 110 can update the data records 306 , and at block 525 , update either or both of the first digital signature 304 A and the one or more additional digital signatures 304 B based on the update to the one or more data records 306 .
  • Updates to the first digital signature 304 A and the one or more additional digital signatures 304 B can be made by the first signature generator verifier 310 A and the second signature generator verifier 310 B respectively.
  • the processing system 110 can output an invalidity notification for the one or more data records 306 .
  • the invalidity notification can identify potential tampering or corruption of the one or more data records 306 .
  • Corrective actions can include reconstruction or replacement of the one or more data records 306 , for instance, from a backup copy or other source.
  • the processing system 110 can read the first digital signature 304 A and the one or more additional digital signatures 304 B from the metadata record 302 and perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on a combination of the first digital signature 304 A and the one or more additional digital signatures 304 B.
  • the processing system 110 can read the first digital signature 304 A and the one or more additional digital signatures 304 B from the metadata record 302 , select between the first digital signature 304 A and the one or more additional digital signatures 304 B as a preferred digital signature, and perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on the preferred digital signature.
  • the preferred digital signature can be selected based on a most recently updated digital signature identified between the first digital signature 304 A and the one or more additional digital signatures 304 B.
  • digital signatures can be added to the metadata record 302 in sequential order to identify the most recent digital signature.
  • the preferred digital signature can be selected based on a greater digital signature length identified between the first digital signature 304 A and the one or more additional digital signatures 304 B.
  • the preferred digital signature can be selected based on any user-based preference.
  • the present invention may be a system, a method, and/or a computer program product at any possible technical detail level of integration
  • the computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention
  • the computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device.
  • the computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
  • a non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing.
  • RAM random access memory
  • ROM read-only memory
  • EPROM or Flash memory erasable programmable read-only memory
  • SRAM static random access memory
  • CD-ROM compact disc read-only memory
  • DVD digital versatile disk
  • memory stick a floppy disk
  • a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon
  • a computer readable storage medium is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
  • Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.
  • the network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers.
  • a network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
  • Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, configuration data for integrated circuitry, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++, or the like, and procedural programming languages, such as the “C” programming language or similar programming languages.
  • the computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
  • electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instruction by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
  • These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
  • the computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the blocks may occur out of the order noted in the Figures.
  • two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Library & Information Science (AREA)
  • Computational Linguistics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

Aspects include accessing, by a processing system, one or more data records and a metadata record. The metadata record includes a first digital signature associated with the one or more data records. One or more additional digital signatures associated with the one or more data records are generated, where the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records. The one or more additional digital signatures are stored in the metadata record.

Description

BACKGROUND
The present invention relates to computer systems, and more particularly, to computer systems, computer-implemented methods, and computer program products configured to support multiple signatures in metadata for the same data record.
In systems such as a server, an event logger may capture an event record corresponding to an event, such as a system event associated with an operation of the server. Enterprises may audit such logged event records as part of regulatory compliance. For compliance, the audit may have to verify that contents of the event record have remained unmodified or that any changes have been tracked. Use of a digital signature associated with contents of a data record for tamper verification or other security uses can become less secure over time.
SUMMARY
According to one or more embodiments of the present invention, a computer-implemented method includes accessing, by a processing system, one or more data records and a metadata record. The metadata record includes a first digital signature associated with the one or more data records. One or more additional digital signatures associated with the one or more data records are generated, where the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records. The one or more additional digital signatures are stored in the metadata record.
Other embodiments of the invention implement the features of the above-described method in a computer system and in a computer program product.
Additional technical features and benefits are realized through the techniques of the present invention. Embodiments and aspects of the invention are described in detail herein and are considered a part of the claimed subject matter. For a better understanding, refer to the detailed description and to the drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
The specifics of the exclusive rights described herein are particularly pointed out and distinctly claimed in the claims at the conclusion of the specification. The foregoing and other features and advantages of the embodiments of the invention are apparent from the following detailed description taken in conjunction with the accompanying drawings in which:
FIG. 1 is a block diagram illustrating a computer system in accordance with various embodiments of the invention;
FIG. 2 is a block diagram illustrating a record log with a tamper detection record according to a non-limiting embodiment of the invention;
FIG. 3 is a block diagram illustrating an example of digital signature updates according to a non-limiting embodiment of the invention;
FIG. 4 is a flow diagram illustrating a method according to a non-limiting embodiment of the invention; and
FIG. 5 is a flow diagram illustrating a method according to a non-limiting embodiment of the invention.
The diagrams depicted herein are illustrative. There can be many variations to the diagrams or the operations described therein without departing from the spirit of the invention. For instance, the actions can be performed in a differing order or actions can be added, deleted or modified. Also, the term “coupled” and variations thereof describes having a communications path between two elements and does not imply a direct connection between the elements with no intervening elements/connections between them. All of these variations are considered a part of the specification.
DETAILED DESCRIPTION
Various embodiments of the invention are described herein with reference to the related drawings. Alternative embodiments of the invention can be devised without departing from the scope of this invention. Various connections and positional relationships (e.g., over, below, adjacent, etc.) are set forth between elements in the following description and in the drawings. These connections and/or positional relationships, unless specified otherwise, can be direct or indirect, and the present invention is not intended to be limiting in this respect. Accordingly, a coupling of entities can refer to either a direct or an indirect coupling, and a positional relationship between entities can be a direct or indirect positional relationship. Moreover, the various tasks and process steps described herein can be incorporated into a more comprehensive procedure or process having additional steps or functionality not described in detail herein.
The following definitions and abbreviations are to be used for the interpretation of the claims and the specification. As used herein, the terms “comprises,” “comprising,” “includes,” “including,” “has,” “having,” “contains” or “containing,” or any other variation thereof, are intended to cover a non-exclusive inclusion. For example, a composition, a mixture, process, method, article, or apparatus that comprises a list of elements is not necessarily limited to only those elements but can include other elements not expressly listed or inherent to such composition, mixture, process, method, article, or apparatus.
Additionally, the term “exemplary” is used herein to mean “serving as an example, instance or illustration.” Any embodiment or design described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments or designs. The terms “at least one” and “one or more” can include any integer number greater than or equal to one, i.e. one, two, three, four, etc. The terms “a plurality” can include any integer number greater than or equal to two, i.e. two, three, four, five, etc. The term “connection” can include both an indirect “connection” and a direct “connection.”
The terms “about,” “substantially,” “approximately,” and variations thereof, are intended to include the degree of error associated with measurement of the particular quantity based upon the equipment available at the time of filing the application. For example, “about” can include a range of ±8% or 5%, or 2% of a given value.
For the sake of brevity, conventional techniques related to making and using aspects of the invention may or may not be described in detail herein. In particular various aspects of computing systems and specific computer programs to implement the various technical features described herein are well known. Accordingly, in the interest of brevity, many conventional implementation details are only mentioned briefly herein or are omitted entirely without providing the well-known system and/or process details.
Turning now to an overview of technologies that are more specifically relevant to aspects of the invention, a digital signature can be used to sign a data record to later verify the authenticity of the data record and/or any tampering with the contents of the data record. The digital signature can be stored in a metadata record that is associated with the data record. The metadata record can be a self-described entity. Over time, digital signature generation algorithms may become less secure for a given public/private key pair. Security issues may arise, for example, as computers become faster, and the computation of signatures to break a key and gain unauthorized access to private key material can become feasible. In some instances, a metadata record storage structure may not be sized to support updated digital signatures of an expanded size that would reduce the risk of successful unauthorized access to or modification of the contents of a signed data record.
Turning now to an overview of the aspects of the invention, one or more embodiments of the invention address the above-described shortcomings of the prior art by using multiple digital signatures in a metadata record that already exists and has been generated on behalf of existing data records. In the context of a tamper-evident log, for example, data can be hashed, and the subsequent hash can have a cryptographic operation performed on it (e.g., with a private key or a public key depending if the data is being signed or verified). As data is verified, the data can be output to an output data set for further processing using the metadata record. In embodiments, the metadata records can be resized as part of the verification process in order to support holding one or more additional signatures, such as a second (or third, etc.) signature. In the event that a new signature cannot be held due to size limitations of the existing metadata record, then the old signature(s) can be removed to make room for the new signature.
The above-described aspects of the invention address the shortcomings of the prior art by adding the ability to re-sign data in place. Embodiments can perform an existing verification function on a data set of records. As part of an existing verification function, hashing of the records can be performed as the input into a public key cryptographic operation. The result can be compared with a signature that is currently stored in the metadata record. When the hash is computed, it can be signed with a new signature algorithm. If the hashing method does not change, the same hash used for validation can be re-used; otherwise, a second hash can be calculated for the data to build a new signature. Multiple signatures can apply to a single source record. The signatures can vary based on applying at least one different digital signature generation aspect between signature generation, such as a difference between one or more of: a hash function, an encryption algorithm, and/or a key used in generating a first digital signature and one or more additional digital signatures. During the next validation process, the signature used during validation can be selected. Either the original or secondary signature(s) can be used individually or a combination of signatures can be validated. The data can be considered valid upon signature validation. In some embodiments, a user may configure an older signature to no longer be validated while validation continues using a newer signature.
Embodiments of the invention can provide an ability to strip one or more older signatures out of the metadata record during a validation process. Removal or replacement of older signatures can be useful where data could otherwise be leaked by leaving vulnerable signatures in the records. Technical effects and benefits can include enhancing the security of existing data while enabling the data to remain in place.
FIG. 1 illustrates an example system 100. The system 100 may be a computer system, such as a server computer or the like. The system 100 may include, among other components, a processing system 110, a memory system 120, a user interface 150, and a communication interface 170 for network interfacing.
The processing system 110 may include one or more processors of the system 100 responsible for the execution of an operating system 122, control instructions, and applications 125 installed on the system 100. The processing system 110 may be one or more devices operable to execute logic. The logic may include computer executable instructions or computer code embodied in the memory system 120 or in other memory that when executed by the processing system 110, cause the processing system 110 to perform the features implemented by the logic. The computer code may include instructions executable with the processing system 110. The computer code may include embedded logic. The computer code may be written in any computer language now known or later discovered, such as C++, C #, Java, Pascal, Visual Basic, Perl, HyperText Markup Language (HTML), JavaScript, assembly language, shell script, or any combination thereof. The computer code may include source code and/or compiled code. The processing system 110 may include one or more of a general processor, central processing unit, server, application specific integrated circuit (ASIC), digital signal processor, field programmable gate array (FPGA), digital circuit, analog circuit, or combinations thereof. The processing system 110 can be in communication with the memory system 120 and other components of the system 100. In one example, the processing system 110 can also be in communication with additional elements, such as the user interface 150 and the communication interface 170.
The memory system 120 can be a non-transitory computer storage medium. The memory system 120 can include DRAM, SRAM, Flash or any other type of memory or a combination thereof. The memory system 120 may store one or more operating system 122 and applications 125 that are executable by the processing system 110. The operating system 122 and the applications 125 may be stored on the memory system 120 by the manufacturer, provider, or end-user of the system 100. The memory system 120 may contain other data such as images, videos, documents, spreadsheets, audio files, and other data that may be associated with operation of the system 100. For example, the memory system 120 can be used to store an event record log 127.
The user interface 150 may include a display, a speaker, a keyboard, a mouse, or any other component that facilitates user interaction. The display may be touch screen enabled. The user interface 150 may, alternatively, or in addition, a microphone or any other component that may facilitate user interaction. The user interface 150 can include circuitry, such as processor, memory, communication interfaces, integrated circuits, antennas, resistors, capacitors, and any other hardware components. The user interface 150 may also involve software. For example, the user interface 150 may include instructions and/or data that may be stored on the memory. The instructions and/or data may control operations of the user interface 150. The instructions may be computer executable. The data may include parameters and/or preset conditions associated with the user interface 150.
The event record log 127 can include one or more event records 130 a-130 x. An event record 130 can include a data record describing an operation of the system 100, for instance. The operating system 122, using the processing system 110, can record the event records 130 a-130 x in response to an operation being initiated and/or completed. For example, the event may be a startup event of the system 100, a file creation event, a file copy event, a user login event, or any other event that the operating system 122 may detect. The operating system 122 can be configured to detect a predetermined type of events. For example, the operating system 122 may be configured to detect ‘file’ type events such as a file creation event, a file copy event, a file move event, a file deletion event, a file modification event, or any other file event. In addition or alternatively, the operating system 122 may be configured to detect ‘user’ type events, such as a user login event, a user logout event, a user profile change event and other user events. Other event types are possible and above are just a few examples.
The event records 130 a-130 x can be stored using a predetermined format. For example, an event record may include a header and a payload. The payload can include a description of a corresponding event. For example, if the corresponding event is a file event, the payload can include a file identification, a file location, an indication of the operation performed, and other information describing the event. The header can include metadata that describes the payload, such as a length of the payload, a timestamp, or the like. The event records 130 a-130 x can be stored in one or more files. Alternatively, the event records 130 a-130 x may be entries within a file or a stream, such as a log stream.
The event record log 127 can be used to validate the operation of the system 100. For example, the operating system 122 may include System Management Facilities (SMF). SMF Enterprises can use the event record log 127 to show regulatory compliance. For example, to be compliant, the system 100 may have to perform operations in a predetermined manner. The SMF can facilitate querying the event record log 127, such as via an Application Programming Interface (API), to ensure that the system 100 was complaint with the predetermined manner of operations. In this regard, the SMF or a system auditor can operate according to the predetermined format of the event records 130 a-130 x. Hence, modifying the predetermined format may cause the system auditor and the SMF to cease from current operations.
Regulatory compliance may make it vital for the SMF to ensure that the event records in the event record log 127 have not been tampered with. Addition of such tamper detection record, as described herein, may cause the SMF and system auditor to be modified, thus leading to additional use of resources. The examples described herein provide technical solutions to this technical problem.
FIG. 2 illustrates an example of the event record log 127 including a tamper detection record 200 and is described with continued reference to FIG. 1. For example, the processing system 110 may generate the event record 130 a. In response, the operating system 122 may additionally generate metadata that includes tamper detection information for the event record 130 a. The operating system 122 may record or format the tamper detection information as a separate event record 130 x, also referred to as the tamper detection record 200. The operating system 122 may subsequently record the tamper detection record 200 in the event record log 127. Thus, the processing system 110 may insert a separate record in the event record log 127 that contains the tamper detection information of the event record 130 a. The tamper detection record 200 may use the same predetermined format of the event records 130 a, 130 b.
For example, as shown in FIG. 2, the tamper detection record 200 includes a header 210 and a payload 220. The payload 220 can include a digital signature 225 for the corresponding event record 130 a. The digital signature 225 can demonstrate the authenticity of the corresponding event record 130 a. In an example, the digital signature 225 can be encrypted, such as using asymmetric cryptography or any other type of encryption techniques. For example, the digital signature 225 may be based on contents of the event record 130 a, a private key, a public key, a timestamp, or other information of the event associated with the event record 130 a. In an example, the contents of the event record 130 a may be hashed, such as using a hashing scheme prior to encryption. To validate the event record 130 a, the operating system 122 may decrypt the digital signature 225 in the payload 220 and compare it with the contents of the event record 130 a. The header 210 may include metadata of the payload 220. For example, the header 210 may include a length of the payload 220 or a timestamp. In addition, the header 210 may include an identifier that indicates that the payload 220 contains tamper detection information rather than a description of an event as is the case with a typical event record.
In an example, the operating system 122 may associate the tamper detection record 200 with a single event record, such as the event record 130 a. For example, the header 210 may include a spatial reference of the event record 130 a. The spatial reference may be a memory location of the event record 130 a. Alternatively or in addition, the spatial reference may be a spatial relation between the tamper detection record 200 and the corresponding event record 130 a. For example, the spatial relation can be a predetermined relation based on the memory locations of the records. In such a case, the spatial reference of the first event record 130 a can be implicitly identified based on the predetermined relation and the memory location of the second event record 130 b, thus, avoiding explicitly saving a spatial reference in the tamper detection record 200.
The spatial reference can be either explicitly stored, or the spatial reference can be implicit. If the spatial reference is explicit, the location of the first event record 130 a can be stored in the tamper detection record 200. The location may be a location of the first event record 130 a in memory or in a file. When the spatial reference is implicit, the spatial reference can be with relation to the data in memory or a file. The system 100 may use a predetermined spatial relation between the first event record 130 a and the tamper detection record 200. For example, according to the predetermined spatial relation, the first event record 130 a may precede the tamper detection record 200 with no other records in between. Alternatively, the predetermined spatial relation permits other event records of the same type as the first event record 130 a in between the first event record 130 a and the tamper detection record 200. In an example, the other event records cannot be included in the tamper-resistant data, which is the payload 220, of the tamper detection record 200.
In an example, the operating system 122 may associate the tamper detection record 200 with more than one event record in the event record log 127, such as with the event records 130 a and 130 b. Accordingly, the header 210 may include spatial references to each event record that is associated with the tamper detection record 200. Additionally, the header 210 may include a number of event records that the tamper detection record 200 is associated with and the length of each respective digital signature 225 included in the payload 220. In an example, the operating system 122 may associate the tamper detection record 200 with a predetermined number of successive event records in the event record log 127. For example, the tamper detection record 200 may be associated with five successive event records, or ten successive event records, or any other predetermined number of event records. Alternatively or in addition, the number of event records associated with the tamper detection record 200 may be dynamically determined based on a number of event records stored in a predetermined memory range that the tamper detection record 200 is associated with. The spatial reference in the header 210 may identify the memory range that is associated with the tamper detection record 200.
In another example, the operating system 122 may associate the tamper detection record 200 with events of a selected type, such as file type events, user type events, or any other type of events. For example, consider that the tamper detection record 200 is associated with file type events. If the operating system 122 generates the event record 130 a in response to a file type event, the operating system 122 may associate the event record 130 a with the tamper detection record 200. The header 210 of the tamper detection record 200, in such a case, may indicate an identifier of the type of event records that are associated with the tamper detection record 200. In the above example, the header 210 may include an identifier of the file type event. The operating system 122 may associate each file type event record with the tamper detection record 200.
In yet another example, the operating system 122 may associate the tamper detection record 200 with a set of consecutive event records of the same type. The memory locations of the event records in the set of consecutive event records may precede the tamper detection record 200 or vice versa. For example, in response to detecting two or more consecutive events of the same type, the operating system 122 may generate and associate the tamper detection record 200 with the event records generated corresponding to the events. For example, the operating system 122 may generate a first event record 130 a and a second event record 130 b that are of the same type. In this case, the operating system 122 may generate the tamper detection record 200 that is associated with the first event record 130 a and the second event record 130 b. In other examples, the tamper detection record 200 may be associated with more than two event records of the same type.
In embodiments, after the event record log 127 is created and stored, for example, in memory system 120, it may be desirable to update or replace the digital signature 225. For instance, as time passes, it may be determined that the digital signature 225 should be enhanced through one or more new/updated digital signature generation algorithms. Security enhancements may be achieved by creating one or more additional digital signatures to supplement or replace instances of the digital signature 225. Further details are provided with respect to FIGS. 3-5.
FIG. 3 depicts a block diagram 300 illustrating options for incorporating a second digital signature into a metadata record that includes a first digital signature. A metadata record 302 can include a first digital signature 304A associated with contents of one or more data records 306. For example, the metadata record 302 can be an instance of the tamper detection record 200 of FIG. 2 stored in the memory system 120 of FIG. 1, and the one or more data records 306 can be instances of one or more of the event records 130 a-130 x of FIG. 1 stored in the memory system 120. A utility application 308 can execute on computer resources, such as one of the applications 125 executing on the processing system 110 of FIG. 1. The utility application 308 can include a first signature generator verifier 310A and a second signature generator verifier 310B. The first signature generator verifier 310A can include algorithms used to create and verify the first digital signature 304A, which can also be used to create and verify the digital signature 225 of FIG. 2. The second signature generator verifier 310B can include algorithms used to create and verify one or more additional digital signatures 304B, where different signature generation and verification algorithms (e.g., different hash functions, encryption algorithms, and/or keys) are used by the second signature generator verifier 310B with respect to the first signature generator verifier 310A. Additional signature generator verifiers (not depicted) can be incorporated in or accessed by the utility application 308 to support additional digital signature variations (e.g., three or more digital signature variations).
The one or more additional digital signatures 304B can be larger in size than the first digital signature 304A and may include one or more security enhancements with respect to the first digital signature 304A. In embodiments, where there is sufficient available size within the metadata record 302, the utility application 308 can use the second signature generator verifier 310B to create the one or more additional digital signatures 304B based on the one or more data records 306 and store the one or more additional digital signatures 304B in the metadata record 302 as metadata record 302A. Thus, the metadata record 302A can store both the first digital signature 304A and the one or more additional digital signatures 304B associated with the same instances of the one or more data records 306. As a further variation, the utility application 308 can use the second signature generator verifier 310B to create the one or more additional digital signatures 304B based on the one or more data records 306 and store the one or more additional digital signatures 304B in the metadata record 302 as metadata record 302B. The metadata record 302B is an example of a digital signature replacement, where the first digital signature 304A is removed and the one or more additional digital signatures 304B are added to the metadata record 302B.
Another variation can include where the utility application 308 uses the second signature generator verifier 310B to create the one or more additional digital signatures 304B based on the one or more data records 306 but does not store the one or more additional digital signatures 304B in the metadata record 302, for instance, due to size constraints of the metadata record 302. The utility application 308 can create an update-needed tag 312 in the metadata record 302 as metadata record 302C. The update-needed tag 312 can be used as an indicator that the one or more additional digital signatures 304B should be added when expansion of the metadata record 302C is available, such as on a copy operation or movement between locations (e.g., within the memory system 120). When copying or moving the metadata record 302C, the utility application 308 can replace the update-needed tag 312 with the one or more additional digital signatures 304B in metadata record 302D which has a greater storage capacity than metadata record 302C. The metadata record 302C can retain the first digital signature 304A for performing verification or authentication of the one or more data records 306. The metadata record 302D may retain the first digital signature 304A, or the first digital signature 304A can be removed when the one or more additional digital signatures 304B are stored in the metadata record 302D. It will be understood that other variations are contemplated. For example, there can be separate instances of the signature verifier 310B for each of the one or more additional digital signatures 304B.
Turning now to FIG. 4, a flow diagram of a process 400 is generally shown in accordance with an embodiment. The process 400 is described with reference to FIGS. 1-4 and may include additional steps beyond those depicted in FIG. 4. The process 400 can be performed by the processing system 110 of FIG. 1.
At block 405, the processing system 110 can access one or more data records 306 and a metadata record 302, where the metadata record 302 includes a first digital signature 304A associated with the one or more data records 306. At block 410, the processing system 110 can generate one or more additional digital signatures 304B associated with the one or more data records 306, where the first digital signature 304A and the one or more additional digital signatures 304B are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records 306. The at least one different digital signature generation aspect can include, for example, a difference between one or more of: a hash function, an encryption algorithm, and a key used in generating the first digital signature 304A and the one or more additional digital signatures 304B.
At block 415, the processing system 110 can store the one or more additional digital signatures 304B in the metadata record 302, such as depicted in the examples of metadata records 302A-302D of FIG. 3. In some embodiments, storing of the one or more additional digital signatures 304B is in performed in addition to the first digital signature 304A. Alternatively, the first digital signature 304A can be overwritten with the one or more additional digital signatures 304B in the metadata record 302B. In some embodiments, the processing system 110 can add an update-needed tag 312 to the metadata record 302 based on determining that the metadata record 302 includes an insufficient capacity to store the one or more additional digital signatures 304B in the metadata record 302. A storage capacity of the metadata record 302 can be expanded upon copying the metadata record 302 from a first storage location to a second storage location (e.g., metadata record 302C copied as metadata record 302D). The update-needed tag 312 can be replaced with the one or more additional digital signatures 304B after expanding the storage capacity of the metadata record 302. Other variations are contemplated in storing of the one or more additional digital signatures 304B. To ensure that one or more additional digital signatures 304B are being added to an authenticated record, the one or more additional digital signatures 304B can be stored in the metadata record 302 after performing a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on the first digital signature 304A.
Turning now to FIG. 5, a flow diagram of a process 500 is generally shown in accordance with an embodiment. The process 500 is described with reference to FIGS. 1-5 and may include additional steps beyond those depicted in FIG. 5. The process 500 can be performed, for example, by the processing system 110 of FIG. 1.
At block 505, the processing system 110 can read the first digital signature 304A and the one or more additional digital signatures 304B from the metadata record 302. At block 510, the processing system 110 can perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on at least one of the first digital signature 304A and the one or more additional digital signatures 304B. Validation can be performed using, for example, either or both of the first signature generator verifier 310A and the second signature generator verifier 310B. The first signature generator verifier 310A and the second signature generator verifier 310B can use public and private key pairs associated with the first digital signature 304A and the one or more additional digital signatures 304B and apply known validation algorithms respectively.
At block 515, the processing system 110 can determine whether the validation passed, for instance, through results of the first signature generator verifier 310A and/or the second signature generator verifier 310B. At block 520, based on determining that the validation passed, the processing system 110 can update the data records 306, and at block 525, update either or both of the first digital signature 304A and the one or more additional digital signatures 304B based on the update to the one or more data records 306. Updates to the first digital signature 304A and the one or more additional digital signatures 304B can be made by the first signature generator verifier 310A and the second signature generator verifier 310B respectively.
At block 530, based on not passing the validation, the processing system 110 can output an invalidity notification for the one or more data records 306. The invalidity notification can identify potential tampering or corruption of the one or more data records 306. Corrective actions can include reconstruction or replacement of the one or more data records 306, for instance, from a backup copy or other source.
Various validation combinations can be performed depending sizing constraints and signature characteristics. For example, the processing system 110 can read the first digital signature 304A and the one or more additional digital signatures 304B from the metadata record 302 and perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on a combination of the first digital signature 304A and the one or more additional digital signatures 304B. As another example, the processing system 110 can read the first digital signature 304A and the one or more additional digital signatures 304B from the metadata record 302, select between the first digital signature 304A and the one or more additional digital signatures 304B as a preferred digital signature, and perform a validation of the one or more data records 306 to confirm that the one or more data records 306 are unchanged based on the preferred digital signature. The preferred digital signature can be selected based on a most recently updated digital signature identified between the first digital signature 304A and the one or more additional digital signatures 304B. As an example, digital signatures can be added to the metadata record 302 in sequential order to identify the most recent digital signature. Alternatively, the preferred digital signature can be selected based on a greater digital signature length identified between the first digital signature 304A and the one or more additional digital signatures 304B. As a further example, the preferred digital signature can be selected based on any user-based preference.
The present invention may be a system, a method, and/or a computer program product at any possible technical detail level of integration. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, configuration data for integrated circuitry, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++, or the like, and procedural programming languages, such as the “C” programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instruction by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the blocks may occur out of the order noted in the Figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special purpose hardware and computer instructions.
The descriptions of the various embodiments of the present invention have been presented for purposes of illustration, but are not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the embodiments, the practical application or technical improvement over technologies found in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments described herein.

Claims (20)

What is claimed is:
1. A computer-implemented method comprising:
accessing, by a processing system, one or more data records and a metadata record, the metadata record comprising a first digital signature associated with the one or more data records;
generating, by the processing system, one or more additional digital signatures associated with the one or more data records, wherein the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records;
adding an update-needed tag to the metadata record based on determining that the metadata record comprises an insufficient capacity to store the one or more additional digital signatures in the metadata record;
expanding a storage capacity of the metadata record upon copying the metadata record from a first storage location to a second storage location;
replacing the update-needed tag with the one or more additional digital signatures after expanding the storage capacity of the metadata record; and
storing the one or more additional digital signatures in the metadata record.
2. The computer-implemented method of claim 1 further comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on a combination of the first digital signature and the one or more additional digital signatures.
3. The computer-implemented method of claim 1 further comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record;
selecting between the first digital signature and the one or more additional digital signatures as a preferred digital signature; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the preferred digital signature.
4. The computer-implemented method of claim 3, wherein the preferred digital signature is selected based on a most recently updated digital signature identified between the first digital signature and the one or more additional digital signatures.
5. The computer-implemented method of claim 3, wherein the preferred digital signature is selected based on a greater digital signature length identified between the first digital signature and the one or more additional digital signatures.
6. The computer-implemented method of claim 1, further comprising:
overwriting the first digital signature with the one or more additional digital signatures in the metadata record.
7. The computer-implemented method of claim 1, wherein the one or more additional digital signatures are stored in the metadata record after performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the first digital signature.
8. The computer-implemented method of claim 1, wherein the at least one different digital signature generation aspect comprises a difference between one or more of: a hash function, an encryption algorithm, and a key used in generating the first digital signature and the one or more additional digital signatures.
9. A system comprising:
a memory system; and
a processing system configured to perform a plurality of operations comprising:
accessing one or more data records and a metadata record stored in the memory system, the metadata record comprising a first digital signature associated with the one or more data records;
generating one or more additional digital signatures associated with the one or more data records, wherein the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records;
adding an update-needed tag to the metadata record based on determining that the metadata record comprises an insufficient capacity to store the one or more additional digital signatures in the metadata record;
expanding a storage capacity of the metadata record upon copying the metadata record from a first storage location to a second storage location;
replacing the update-needed tag with the one or more additional digital signatures after expanding the storage capacity of the metadata record; and
storing the one or more additional digital signatures in the metadata record.
10. The system of claim 9, wherein the processing system is further configured to perform operations comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on a combination of the first digital signature and the one or more additional digital signatures.
11. The system of claim 9, wherein the processing system is further configured to perform operations comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record;
selecting between the first digital signature and the one or more additional second digital signatures as a preferred digital signature; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the preferred digital signature.
12. The system of claim 11, wherein the preferred digital signature is selected based on a most recently updated digital signature identified between the first digital signature and the one or more additional digital signatures.
13. The system of claim 11, wherein the preferred digital signature is selected based on a greater digital signature length identified between the first digital signature and the one or more additional digital signatures.
14. The system of claim 9, wherein the one or more additional digital signatures are stored in the metadata record after performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the first digital signature.
15. The system of claim 9, wherein the at least one different digital signature generation aspect comprises a difference between one or more of: a hash function, an encryption algorithm, and a key used in generating the first digital signature and the one or more additional digital signatures.
16. A computer program product comprising a non-transitory computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processing system to perform a plurality of operations comprising:
accessing one or more data records and a metadata record, the metadata record comprising a first digital signature associated with the one or more data records;
generating one or more additional digital signatures associated with the one or more data records, wherein the first digital signature and the one or more additional digital signatures are generated based on applying at least one different digital signature generation aspect with respect to the one or more data records;
adding an update-needed tag to the metadata record based on determining that the metadata record comprises an insufficient capacity to store the one or more additional digital signatures in the metadata record;
expanding a storage capacity of the metadata record upon copying the metadata record from a first storage location to a second storage location;
replacing the update-needed tag with the one or more additional digital signatures after expanding the storage capacity of the metadata record; and
storing the one or more additional digital signatures in the metadata record.
17. The computer program product of claim 16, wherein the processing system is further configured to perform operations comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on a combination of the first digital signature and the one or more additional digital signatures.
18. The computer program product of claim 16, wherein the processing system is further configured to perform operations comprising:
reading the first digital signature and the one or more additional digital signatures from the metadata record;
selecting between the first digital signature and the one or more additional digital signatures as a preferred digital signature, wherein the preferred digital signature is selected based on one or more of: a most recently updated digital signature identified between the first digital signature and the one or more additional digital signatures, a greater digital signature length identified between the first digital signature and the one or more additional digital signatures, and/or a user-based preference; and
performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the preferred digital signature.
19. The computer program product of claim 16, wherein the one or more additional digital signatures are stored in the metadata record after performing a validation of the one or more data records to confirm that the one or more data records are unchanged based on the first digital signature.
20. The computer program product of claim 16, wherein the at least one different digital signature generation aspect comprises a difference between one or more of: a hash function, an encryption algorithm, and a key used in generating the first digital signature and the one or more additional digital signatures.
US16/251,243 2019-01-18 2019-01-18 Multiple signatures in metadata for the same data record Active 2039-12-20 US11138343B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/251,243 US11138343B2 (en) 2019-01-18 2019-01-18 Multiple signatures in metadata for the same data record

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US16/251,243 US11138343B2 (en) 2019-01-18 2019-01-18 Multiple signatures in metadata for the same data record

Publications (2)

Publication Number Publication Date
US20200233978A1 US20200233978A1 (en) 2020-07-23
US11138343B2 true US11138343B2 (en) 2021-10-05

Family

ID=71608972

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/251,243 Active 2039-12-20 US11138343B2 (en) 2019-01-18 2019-01-18 Multiple signatures in metadata for the same data record

Country Status (1)

Country Link
US (1) US11138343B2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11233640B2 (en) 2020-05-13 2022-01-25 Ridgeline, Inc. Mutation processing for events
US11949784B2 (en) * 2020-05-13 2024-04-02 Ridgeline, Inc. Auditing for events
US11818259B2 (en) * 2020-05-13 2023-11-14 Ridgeline, Inc. Query and projection processing for events
US11544253B2 (en) * 2020-06-24 2023-01-03 EMC IP Holding Company LLC Automated data routing in a data confidence fabric
US11762812B2 (en) * 2021-12-10 2023-09-19 Microsoft Technology Licensing, Llc Detecting changes in a namespace using namespace enumeration endpoint response payloads

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6049671A (en) * 1996-04-18 2000-04-11 Microsoft Corporation Method for identifying and obtaining computer software from a network computer
US20020038318A1 (en) 2000-09-22 2002-03-28 Cochran Jeffrey M. System and method for managing transferable records
US6564215B1 (en) 1999-12-16 2003-05-13 International Business Machines Corporation Update support in database content management
US20030120925A1 (en) * 2001-12-21 2003-06-26 Rose Gregory G. Method and apparatus for simplified audio authentication
US20060136708A1 (en) * 2004-12-20 2006-06-22 Hassan Hajji Information processing system, program product, and information processing method
US20080016358A1 (en) 2006-07-11 2008-01-17 Cantata Technology, Inc. System and method for authentication of transformed documents
US20080162501A1 (en) * 2006-12-27 2008-07-03 Research In Motion Limited Method and apparatus for memory management in an electronic device
US7539869B1 (en) * 2003-09-17 2009-05-26 Sun Microsystems, Inc. System and methods for using a signature protocol by a nonsigning client
US20090320012A1 (en) * 2008-06-04 2009-12-24 Mediatek Inc. Secure booting for updating firmware over the air
US20090327732A1 (en) * 2003-03-04 2009-12-31 Peter Buhler Long-term secure digital signatures
US20130290725A1 (en) * 2012-04-27 2013-10-31 Adobe Systems Inc. Method and apparatus for one-step signature trust for digitally-signed documents
US20140130183A1 (en) * 2011-06-23 2014-05-08 International Business Machines Corporation Managing Confidential Information
US20170054736A1 (en) 2015-08-20 2017-02-23 Guardtime Ip Holdings Limited System and method for verification lineage tracking of data sets
US9864878B2 (en) 2015-07-27 2018-01-09 International Business Machines Corporation Event log tamper detection
US20190245682A1 (en) * 2018-02-06 2019-08-08 Wickr Inc. Facilitating Communications using Hybrid Cryptography
US20190289019A1 (en) * 2016-02-12 2019-09-19 Visa International Service Association Network topology

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6049671A (en) * 1996-04-18 2000-04-11 Microsoft Corporation Method for identifying and obtaining computer software from a network computer
US6564215B1 (en) 1999-12-16 2003-05-13 International Business Machines Corporation Update support in database content management
US20020038318A1 (en) 2000-09-22 2002-03-28 Cochran Jeffrey M. System and method for managing transferable records
US20030120925A1 (en) * 2001-12-21 2003-06-26 Rose Gregory G. Method and apparatus for simplified audio authentication
US20090327732A1 (en) * 2003-03-04 2009-12-31 Peter Buhler Long-term secure digital signatures
US7539869B1 (en) * 2003-09-17 2009-05-26 Sun Microsystems, Inc. System and methods for using a signature protocol by a nonsigning client
US20060136708A1 (en) * 2004-12-20 2006-06-22 Hassan Hajji Information processing system, program product, and information processing method
US20080016358A1 (en) 2006-07-11 2008-01-17 Cantata Technology, Inc. System and method for authentication of transformed documents
US20080162501A1 (en) * 2006-12-27 2008-07-03 Research In Motion Limited Method and apparatus for memory management in an electronic device
US20090320012A1 (en) * 2008-06-04 2009-12-24 Mediatek Inc. Secure booting for updating firmware over the air
US20140130183A1 (en) * 2011-06-23 2014-05-08 International Business Machines Corporation Managing Confidential Information
US20130290725A1 (en) * 2012-04-27 2013-10-31 Adobe Systems Inc. Method and apparatus for one-step signature trust for digitally-signed documents
US9864878B2 (en) 2015-07-27 2018-01-09 International Business Machines Corporation Event log tamper detection
US20170054736A1 (en) 2015-08-20 2017-02-23 Guardtime Ip Holdings Limited System and method for verification lineage tracking of data sets
US20190289019A1 (en) * 2016-02-12 2019-09-19 Visa International Service Association Network topology
US20190245682A1 (en) * 2018-02-06 2019-08-08 Wickr Inc. Facilitating Communications using Hybrid Cryptography

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
DocuSign, DocuSign Signature Appliance Client User Guide, DocuSign, Inc. , Version 8.0, pp. 1-173 (Year: 2003). *
Gersch et al., "Deploying dns security (dnssec) in large-scale operational environments." Conference for Homeland Security, 2009. CATCH'09. Cybersecurity Applications & Technology. IEEE, 2009, 12 pages.
Jannen et al. "BetrFS: A Right-Optimized Write-Optimized File System." FAST. 2015, 16 pages.
Schoder et al., . "VeriStream—a framework for verifiable data streaming." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2015, 26 pages.
Schroder et al., . "Verifiable data streaming." Proceedings of the 2012 ACM conference on Computer and Communications security. ACM, 2012, 10 pages.
Tang et al. "Outsourcing multi-version key-value stores with verifiable data freshness." Data Engineering (ICDE), 2014 IEEE 30th International Conference on. IEEE, 2014, 4 pages.

Also Published As

Publication number Publication date
US20200233978A1 (en) 2020-07-23

Similar Documents

Publication Publication Date Title
US10621381B2 (en) Event log tamper detection
US11138343B2 (en) Multiple signatures in metadata for the same data record
JP6680840B2 (en) Automatic detection of fraudulent digital certificates
US10728034B2 (en) Security privilege escalation exploit detection and mitigation
US20180198629A1 (en) Verified boot and key rotation
US10341303B2 (en) Automating the creation and maintenance of policy compliant environments
US20090328218A1 (en) Data processing system, data processing method, and program
JP2009230741A (en) Method and apparatus for verifying archived data integrity in integrated storage system
US8990559B2 (en) Automating the creation and maintenance of policy compliant environments
US10169252B2 (en) Configuring functional capabilities of a computer system
US11334879B2 (en) Method and system for digital payment instrument deployment of authentication seal
US20210263809A1 (en) Method, electronic device, and computer program product for storage management
US20220045866A1 (en) Method and system for authentication seal deployment in networked immutable transactions
US10860659B1 (en) Distributed verification of digital work product
CN112131041A (en) Method, apparatus and computer program product for managing data placement
US20210144451A1 (en) Control method, content management system, recording medium, and data structure
JP2009128956A (en) Data processor, data processing method and program
US11295031B2 (en) Event log tamper resistance
US11163909B2 (en) Using multiple signatures on a signed log
CN112559484A (en) Method, apparatus and computer program product for managing data objects
US11954219B1 (en) System, method, and computer program for universal security of container images
US11251940B2 (en) Decentralized repository using encryption for non-repudiable activity and ownership
US20240205018A1 (en) Quantum safe digital signature service
US20240056465A1 (en) System and method of managing and auditing training data based on distributed ledger technology
WO2020206398A1 (en) Systems and methods for remote certification of network devices

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SOFIA, ANTHONY THOMAS;REEL/FRAME:048058/0150

Effective date: 20190117

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT RECEIVED

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE